SUSE-SU-2021:1999-1

Опубликовано: 17 июн. 2021

Источник: suse-cvrf

Описание

Security update for tpm2.0-tools

This update for tpm2.0-tools fixes the following issues:

CVE-2021-3565: Fixed issue when no encrypted session with the TPM is used (bsc#1186490).

Список пакетов

SUSE Linux Enterprise Module for Basesystem 15 SP2

tpm2.0-tools-4.1-3.3.1

Ссылки

https://www.suse.com/support/update/announcement/2021/suse-su-20211999-1/
Link for SUSE-SU-2021:1999-1
https://lists.suse.com/pipermail/sle-security-updates/2021-June/009031.html
E-Mail link for SUSE-SU-2021:1999-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1186490
SUSE Bug 1186490
https://www.suse.com/security/cve/CVE-2021-3565/
SUSE CVE CVE-2021-3565 page

Описание

A flaw was found in tpm2-tools in versions before 5.1.1 and before 4.3.2. tpm2_import used a fixed AES key for the inner wrapper, potentially allowing a MITM attacker to unwrap the inner portion and reveal the key being imported. The highest threat from this vulnerability is to data confidentiality.

Затронутые продукты

SUSE Linux Enterprise Module for Basesystem 15 SP2:tpm2.0-tools-4.1-3.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-3565.html
CVE-2021-3565
https://bugzilla.suse.com/1186490
SUSE Bug 1186490

SUSE-SU-2021:1999-1

Описание

Список пакетов

SUSE Linux Enterprise Module for Basesystem 15 SP2

Ссылки

Уязвимость: CVE-2021-3565

Описание

Затронутые продукты

Ссылки